EUVD-2021-1171

Malware in sbrugna...

co.elastic.apm:apm-agent-attach-cli (>=1.26.0 <=1.55.6), com.adobe.documentservices:pdfservices-sdk (>=2.2.2 <=3.5.1) +169 more potentially affected by CVE-2025-8885 via org.bouncycastle:bc-fips (>=1.0.1 <=1.0.2.5)

org.bouncycastle:bc-fips MAVEN version =1.0.1, =1.26.0, =2.2.2, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.17.4.0 and more Source cves: CVE-2025-8885 Source advisory:...

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...

Local Privilege Escalation

apm-agent-parent is vulnerable to local Privilege Escalation. An attacker can inject a malicious plugin to an application running the apm-agent. The attacker can potentially escalate their privileges to higher level as a result of exploiting this vulnerability...

Security Bulletin: Vulnerability of jython-standalone-2.7.0.jar have affected APM WebSphere Application Server Agent and APM Tomcat Agent

Summary APM WebSphere Application Server Agent and APM Tomcat Agent are vulnerable to jython-standalone-2.7.0.jar CVE-2013-2027. The workaround includes jython-standalone-2.7.0.jar upgraded to jython-standalone-2.7.3.jar. Vulnerability Details CVEID:CVE-2013-2027 DESCRIPTION: Jython could allow a...

Security Bulletin: Multiple Vulnerabilities of Apache HttpClient have affected APM Linux KVM Agent

Summary APM Linux KVM Agent is vulnerable to Apache HttpClient vulnerabilities described in220912, CVE-2020-13956. The fix includes httpclient-4.5.jar upgraded to httpclient-4.5.13.jar Vulnerability Details CVEID:CVE-2012-6153 DESCRIPTION: Apache HttpComponents could allow a remote attacker to...

co.elastic.apm:apm-agent-attach-cli (>=1.26.0 <=1.49.0), com.adobe.documentservices:pdfservices-sdk (>=2.2.2 <=3.5.0) +105 more potentially affected by CVE-2022-45146 via org.bouncycastle:bc-fips (>=1.0.1 <=1.0.2.3)

org.bouncycastle:bc-fips MAVEN version =1.0.1, =1.26.0, =2.2.2, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =3.0.34.RELEASE, =8.0.0, =16.1.0, =1.2.0, =3.1.23, =3.0.0-FINAL, =3.0.0-FINAL, =0.6.0, =0.7.0 - io.github.embedded-middleware:embedded-bookkeeper-core =0.0.1 and more Source cves:...

apm-agent-utils (>=1.0.3 <=1.3.0), enochecker (>=0.0.5 <=0.0.9) +1 more potentially affected by CVE-2019-7617 via elastic-apm (>=4.2.2 <=5.10.1)

elastic-apm PYPI version =4.2.2, =1.0.3, =0.0.5, =0.0.14, =0.0.24.post2 Source cves: CVE-2019-7617 Source advisory: OSV:GHSA-22JH-6GX8-F944...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary CVE-2019-2949 deferred from Oracle Oct 2019 CPU Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality...

Update Rollup 6 for System Center 2016 Operations Manager

Update Rollup 6 for System Center 2016 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 6 for Microsoft System Center 2016 Operations Manager. This article also contains the installation instructions for this update. Improvements and issues that ar...

apm-agent-utils (>=1.0.3 <=1.3.0), enochecker (>=0.0.5 <=0.0.9) +1 more potentially affected by CVE-2019-7617 via elastic-apm (>=4.2.2 <=5.10.1)

elastic-apm PYPI version =4.2.2, =1.0.3, =0.0.5, =0.0.14, =0.0.24.post2 Source cves: CVE-2019-7617 Source advisory: OSV:PYSEC-2019-178...

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...

Design/Logic Flaw

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...